System and method for smart authentication
Abstract
Various methods, apparatuses/systems, and media for automatically establishing a communication between two or more applications that do not share a compatible authentication model are disclosed. A receiver receives a request from a first application to communicate with a second application, wherein the first application supports a first authentication model and the second application supports a second authentication model which is incompatible with the first authentication model. A processor utilizes a configurable gateway layer, in response to receiving the request, to mediate a communication between the first application and the second application; and routes the request from the first application to the configurable gateway layer. The configurable gateway layer translates the first authentication model to the second authentication model. The processor transmits a message to the second application and automatically establishes a communication between the first application and the second application in response to receiving the message by the second application.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method for automatically establishing a communication between two or more applications that do not share a compatible authentication model by utilizing one or more processors and one or more memories, the method comprising:
receiving a request from a first application to communicate with a second application, wherein the first application supports a first authentication model and the second application supports a second authentication model which is incompatible with the first authentication model;
configuring a load balancer to route the request from the first application to a configurable gateway layer;
utilizing the configurable gateway layer, in response to receiving the request, to mediate a communication between the first application and the second application;
translating, by the configurable gateway layer, the first authentication model to the second authentication model, wherein the first authentication model is incompatible with the second authentication model, wherein the first authentication model is a Security Assertion Markup Language (SAML) authentication model, and wherein the second authentication model is an OAuth authentication model;
transmitting, in response to the translating, via the configurable gateway layer, a message to the second application;
automatically establishing the communication between the first application and the second application in response to receiving the message by the second application, wherein the first application communicates with the second application with an access token, and the method further comprises:
causing the first application to send the request to the configurable gateway layer with the access token;
validating the access token by an authentication server, wherein the authentication server is a text file; and
automatically establishing the communication between the first application and the second application in response to validating the access token.
2. The method according to claim 1 , wherein the configurable gateway layer is implemented between the first application and the second application.
3. The method according to claim 1 , wherein, in response to the translating, the first authentication model becomes compatible with the second authentication model to automatically establish the communication between the first application and the second application.
4. The method according to claim 1 , wherein, when the first application wants to communicate with the second application for a first time, the method further comprising:
causing the first application to send the request to the configurable gateway layer, without the access token, that the first application wants to communicate with the second application;
sending a request from the configurable gateway layer to the authentication server for validating the request sent by the first application; and
validating, by the authentication server, the request sent by the first application based on verifying credential data of a user of the first application.
5. The method according to claim 4 , wherein the validating of the request sent by the first application further comprising:
receiving an authentication code from the authentication server by the configurable gateway layer;
sending the request with the authentication code by the configurable gateway layer to the authentication server for the access token;
validating the authentication code by the authentication server;
sending, in response to validating the authentication code, the access token from the authentication server to the configurable gateway layer;
sending the access token from the configurable gateway layer to the first application;
causing the first application to send the request to the configurable gateway layer with the access token;
validating the access token by the authentication server; and
automatically establishing the communication between the first application and the second application in response to validating the access token.
6. A system for automatically establishing a communication between two or more applications that do not share a compatible authentication model, the system comprising:
a receiver that receives a request from a first application to communicate with a second application, wherein the first application supports a first authentication model and the second application supports a second authentication model which is incompatible with the first authentication model; and
a processor operatively coupled to the receiver via a communication network, wherein the processor is configured to execute the following:
configure a load balancer to route the request from the first application to a configurable gateway layer;
utilize the configurable gateway layer, in response to receiving the request, to mediate a communication between the first application and the second application;
translate, by the configurable gateway layer, the first authentication model to the second authentication model, wherein the first authentication model is incompatible with the second authentication model, wherein the first authentication model is a Security Assertion Markup Language (SAML) authentication model, and wherein the second authentication model is an OAuth authentication model;
transmit, in response to the translating, via the configurable gateway layer, a message to the second application;
automatically establish the communication between the first application and the second application in response to receiving the message by the second application, wherein the first application communicates with the second application with an access token, and the processor is further configured to:
cause the first application to send the request to the configurable gateway layer with the access token;
validate the access token by an authentication server, wherein the authentication server is a text file; and
automatically establish the communication between the first application and the second application in response to validating the access token.
7. The system according to claim 6 , wherein the configurable gateway layer is implemented between the first application and the second application.
8. The system according to claim 6 , wherein, in response to the translating, the first authentication model becomes compatible with the second authentication model to automatically establish the communication between the first application and the second application.
9. The system according to claim 6 , wherein, when the first application wants to communicate with the second application for a first time, the processor is further configured to:
cause the first application to send the request to the configurable gateway layer, without the access token, that the first application wants to communicate with the second application;
send a request from the configurable gateway layer to the authentication server for validating the request sent by the first application; and
validate, by the authentication server, the request sent by the first application based on verifying credential data of a user of the first application.
10. The system according to claim 9 , wherein in validating the request sent by the first application, the processor is further configured to:
receive an authentication code from the authentication server by the configurable gateway layer;
send the request with the authentication code by the configurable gateway layer to the authentication server for the access token;
validate the authentication code by the authentication server;
send, in response to validating the authentication code, the access token from the authentication server to the configurable gateway layer;
send the access token from the configurable gateway layer to the first application;
cause the first application to send the request to the configurable gateway layer with the access token;
validate the access token by the authentication server; and
automatically establish the communication between the first application and the second application in response to validating the access token.
11. A non-transitory computer readable medium configured to store instructions for automatically establishing a communication between two or more applications that do not share a compatible authentication model, wherein, when executed, the instructions cause a processor to perform the following:
causing a receiver to receive a request from a first application to communicate with a second application, wherein the first application supports a first authentication model and the second application supports a second authentication model which is incompatible with the first authentication model;
configure a load balancer to route the request from the first application to a configurable gateway layer;
utilize the configurable gateway layer, in response to receiving the request, to mediate a communication between the first application and the second application;
translating, by the configurable gateway layer, the first authentication model to the second authentication model, wherein the first authentication model is incompatible with the second authentication model, wherein the first authentication model is a Security Assertion Markup Language (SAML) authentication model, and wherein the second authentication model is an OAuth authentication model;
transmitting, in response to the translating, via the configurable gateway layer, a message to the second application;
automatically establishing the communication between the first application and the second application in response to receiving the message by the second application, wherein the first application communicates with the second application with an access token, and the instructions, when executed, further cause the processor to perform the following:
causing the first application to send the request to the configurable gateway layer with the access token;
validating the access token by an authentication server, wherein the authentication server is a text file; and
automatically establishing the communication between the first application and the second application in response to validating the access token.
12. The non-transitory computer readable medium according to claim 11 , wherein, in response to the translating, the first authentication model becomes compatible with the second authentication model to automatically establish the communication between the first application and the second application.
13. The non-transitory computer readable medium according to claim 11 , wherein the configurable gateway layer is implemented between the first application and the second application.
14. The non-transitory computer readable medium according to claim 11 , wherein, when the first application wants to communicate with the second application for a first time, the instructions, when executed, further cause the processor to perform the following:
causing the first application to send the request to the configurable gateway layer, without the access token, that the first application wants to communicate with the second application;
sending a request from the configurable gateway layer to the authentication server for validating the request sent by the first application; and
validating, by the authentication server, the request sent by the first application based on verifying credential data of a user of the first application.
15. The non-transitory computer readable medium according to claim 14 , wherein in validating the request sent by the first application, the instructions, when executed, further cause the processor to perform the following:
receiving an authentication code from the authentication server by the configurable gateway layer;
sending the request with the authentication code by the configurable gateway layer to the authentication server for the access token;
validating the authentication code by the authentication server;
sending, in response to validating the authentication code, the access token from the authentication server to the configurable gateway layer;
sending the access token from the configurable gateway layer to the first application;
causing the first application to send the request to the configurable gateway layer with the access token;
validating the access token by the authentication server; and
automatically establishing the communication between the first application and the second application in response to validating the access token.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.